A new Obama administration cybersecurity initiative isn't placing new burdens on federal government agencies; it's aimed at getting them to comply with recommended safeguards they've failed to implement.
The investigation into the U.S. Office of Personnel Management breach has reportedly found that foreign spies may have stolen deeply personal information on up to 14 million current and former federal workers, going back three decades.
A massive breach at the U.S. Office of Personnel Management wasn't discovered by government sleuths - or the Einstein DHS intrusion detection system - but rather during a product demo, a new report says.
In addition to providing training, healthcare organizations should consider implementing technology to help prevent user mistakes that can lead to breaches of protected health information, says Geoffrey Bibby of ZixCorp.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
Too few security systems interoperate, which makes it difficult for organizations to block or detect data breaches. But Cisco has an interoperability plan to improve the state of cybersecurity defenses, Chief Security Architect Martin Roesch says.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
Organizations are getting increasingly prioritizing incident response capabilities by putting investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.